...
- The VE license server package
- A suitable Linux instance to be used as the VE license server. This instance must run
- in a supported cloud environment, or
- in a supported VMware environment, or
- on a supported physical server.
- Correct firewall settings
- The VE-capable Charon emulator software running on a Charon host with appropriate network access to the VE license server
- For AutoVE in AWS: a Charon instance launched from a compatible Automatic Licensing marketplace image (AutoVE definitions must be added before first launch)
These requirements are described in detail below.
...
Where <version> indicates the version of the software, for example, 12.0.1.6.
| Div | ||
|---|---|---|
| ||
Linux Instance for License Server
The license server package must be installed on a supported Linux cloud instance or a Linux VM on VMware.
Currently Supported Cloud Providers
...
At the time of writing, the following VMware Platforms are supported by the VE license server.:
- Requirements for direct ESXi host binding:
- The VE license server must run in one of the VMs on the ESXi server.
- ESXi/vSphere version 6.5 and above.
- Valid license that supports the vSphere API feature. Otherwise the license server fails to start with the message
Failed to detect ESXi/vCenter Server. - Ports 443 (TCP) and 902 (TCP, UDP) must be accessible to the VE license server host.
- 100 MB of free disk space on the ESXi server to be used by the VE license server host.
- Administrative user (and password) on the ESXi/vSphere host used for the binding between license server and ESXi/vSphere host.
- Requirements for vCenter Server binding:
- The VE license server must run in a VM on one of the ESXi systems managed by the vCenter Server.
- vCenter Server version 6.5 and above.
- Ports 443 (TCP) and 902 (TCP, UDP) must be accessible to the VE license server host.
- 100 MB of free disk space on the vCenter Server to be used by the VE license server host.
- Administrative user (and password) on the vCenter Server used for the binding between license server and vCenter Server.
...
The VE license server for VMware environments has also been tested successfully in a Google GCVE (Google Cloud VMware Engine) environment. Please contact Stromasys to discuss your requirements if you need this product combination.
...
| class | pagebreak |
|---|
Linux Host Requirements for the VE License Server
Currently Supported Physical Servers
At the time of writing, the following physical platforms are supported by the VE license server:
- Modern Intel x86 or AMD platform with sufficient resources for the required Linux operating system
| Div | ||
|---|---|---|
| ||
Linux Host Requirements for the VE License Server
The Linux system on which the VE license server runs must fulfill the requirements described below.
...
Any intermediate firewall as well as the cloud-specific subnet and instance security settings must permit the following necessary ports for the appropriate source systems:
- TCP/8083: must be permitted on the license server for the client system to enable the use of the license by the client.
- TCP/8084: must be permitted by the license server for any system that should access the web interface to display information about licenses and active clients (currently not encrypted, hence should not be run across the Internet without a VPN)The TCP port that is used by the license client to access the license must be permitted on the license server. Default: TCP/8083; an alternative port can be configured in /opt/license_server/config.ini.
- The TCP port used by remote systems to query the license server configuration via the web interface must be permitted on the license server. Default: TCP/8084; an alternative port can be configured in /opt/license_server/config.ini.
See Cloud-Specific Firewall Information for an overview about the traffic filtering mechanisms used in the different cloud environments.
...
- The default zone name can be found with the command
firewall-cmd --get-default-zone, a list of all zones can be displayed with the commandfirewall-cmd --get-zones. - The parameter --permanent writes the command to the respective firewalld configuration files. To add the command to the running firewall, re-run it without the parameter --permanent.
- The simplified sample above does not limit the source IP address to the addresses of the license clients. This would require a more sophisticated configuration. Please refer to the documentation of your Linux systemof the license clients. This would require a more sophisticated configuration. Please refer to the documentation of your Linux system.
Communication between Primary and Backup AutoVE License Servers
When AutoVE mode is used, the primary and backup license servers can synchronize their database of registered clients. The TCP port for this synchronization must be permitted on both servers. Default: TCP/8085; an alternative port can be configured in /opt/license_server/config.ini.
Communication Between License Server and Cloud Infrastructure
...
The VE license server software requires matching Charon emulator software. At the time of writing this support was available for Charon-SSP emulator products.
Please note:
- The protocol versions used by the emulator software and the license server must be compatible. The software checks for compatible protocol versions and reports an error should there
...
- be a mismatch.
- The requirements are different for the two modes of a VE license server (general VE or AutoVE).
Charon-SSP Emulator Packages for VE Licenses
...
- Unless there is GUI access to the Charon-SSP host system (or an option to use X11-Forwarding via SSH), Charon Manager and Charon Director must be installed on a remote management system that will be used to configure and manage the Charon-SSP software. The Charon-SSP emulator software can also be run from the command-line, in which case Charon Manager and Director are not required.
- The Charon Agent package contains the RPM and Debian packages for the Charon Manager on Linux and a ZIP file for the Charon Manager on Microsoft Windows (charon-manager-ssp-<version>.zip).
- The Charon-SSP VE emulator software can run on the same system as the license server or on a separate system with appropriate network access to the VE License Server.
Charon-SSP AutoVE-enabled Marketplace Image
If the VE license server is used in AutoVE mode, the license client must be an instance launched from a compatible AWS marketplace AMI. The AutoVE license server must be defined for the instance before first launch.
| Div | ||
|---|---|---|
| ||
VE License Server Software Installation
...
| Code Block | ||
|---|---|---|
| ||
# dnf install charon*.rpm
Last metadata expiration check: 18:49:07 ago on Di 23 Mär 2021 17:29:15 CET.
Dependencies resolved.
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
charon-agent-ssp x86_64 5.0.1-1 @commandline 28 M
charon-director-ssp x86_64 5.0.1-1 @commandline 112 k
charon-manager-ssp x86_64 5.0.1-1 @commandline 1.8 M
charon-ssp-4m x86_64 5.0.1.ve.el8-1 @commandline 2.2 M
charon-ssp-4u+ x86_64 5.0.1.ve.el8-1 @commandline 14 M
charon-ssp-4v+ x86_64 5.0.1.ve.el8-1 @commandline 14 M
Installing dependencies:
<lines removed>
Transaction Summary
================================================================================
Install 48 Packages
Total size: 70 M
Total download size: 9.2 M
Installed size: 183 M
Is this ok [y/N]: y
Downloading Packages:
<lines removed>
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
<lines removed>
Installed:
<lines removed>
charon-agent-ssp-5.0.1-1.x86_64
charon-director-ssp-5.0.1-1.x86_64
charon-manager-ssp-5.0.1-1.x86_64
charon-ssp-4m-5.0.1.ve.el8-1.x86_64
charon-ssp-4u+-5.0.1.ve.el8-1.x86_64
charon-ssp-4v+-5.0.1.ve.el8-1.x86_64
<lines removed>
Complete! |
Launching a AutoVE-enabled Instance from AWS Marketplace
Please refer to Setting Up a Linux Instance in AWS.
| Include Page | ||||
|---|---|---|---|---|
|